mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-11-28 08:02:54 +00:00
Code Issues Releases Activity

Vendor import of OpenSSL 0.9.7d.

Browse Source
This commit is contained in:
Jacques Vidrine 2004-03-17 15:49:33 +00:00
parent 81ac585294
commit ced566fd0b
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/vendor-crypto/openssl/dist/; revision=127128
190 changed files with 2619 additions and 1517 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
crypto/openssl/CHANGES
View File

@ -2,6 +2,51 @@
OpenSSL CHANGES
_______________
Changes between 0.9.7c and 0.9.7d [17 Mar 2004]
*) Fix null-pointer assignment in do_change_cipher_spec() revealed
by using the Codenomicon TLS Test Tool (CAN-2004-0079)
[Joe Orton, Steve Henson]
*) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
(CAN-2004-0112)
[Joe Orton, Steve Henson]
*) Make it possible to have multiple active certificates with the same
subject in the CA index file. This is done only if the keyword
'unique_subject' is set to 'no' in the main CA section (default
if 'CA_default') of the configuration file. The value is saved
with the database itself in a separate index attribute file,
named like the index file with '.attr' appended to the name.
[Richard Levitte]
*) X509 verify fixes. Disable broken certificate workarounds when
X509_V_FLAGS_X509_STRICT is set. Check CRL issuer has cRLSign set if
keyUsage extension present. Don't accept CRLs with unhandled critical
extensions: since verify currently doesn't process CRL extensions this
rejects a CRL with *any* critical extensions. Add new verify error codes
for these cases.
[Steve Henson]
*) When creating an OCSP nonce use an OCTET STRING inside the extnValue.
A clarification of RFC2560 will require the use of OCTET STRINGs and
some implementations cannot handle the current raw format. Since OpenSSL
copies and compares OCSP nonces as opaque blobs without any attempt at
parsing them this should not create any compatibility issues.
[Steve Henson]
*) New md flag EVP_MD_CTX_FLAG_REUSE this allows md_data to be reused when
calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without
this HMAC (and other) operations are several times slower than OpenSSL
< 0.9.7.
[Steve Henson]
*) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
[Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
*) Use the correct content when signing type "other".
[Steve Henson]
Changes between 0.9.7b and 0.9.7c [30 Sep 2003]
*) Fix various bugs revealed by running the NISCC test suite:

19
crypto/openssl/Configure
View File

@ -145,10 +145,10 @@ my %table=(
"debug-ulf", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
"debug-steve-linux-pseudo64", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wmissing-prototypes -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wmissing-prototypes -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"dist", "cc:-O::(unknown)::::::",
# Basic configs that should work on any (32 and less bit) box
@ -216,13 +216,13 @@ my %table=(
"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### IRIX 6.x configs
# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
# './Configure irix-[g]cc' manually.
# './Configure irix-cc -o32' manually.
# -mips4 flag is added by ./config when appropriate.
"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix-mips3-gcc","gcc:-mabi=n32 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips3_irix_asm}:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# N64 ABI builds.
"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -mmips-as -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips3_irix_asm}:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### Unified HP-UX ANSI C configs.
# Special notes:
@ -260,6 +260,7 @@ my %table=(
# 64bit PARISC for GCC without optimization, which seems to make problems.
# Submitted by <ross.alexander@uk.neceur.com>
"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
# IA-64 targets
"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o:::::::::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

7
crypto/openssl/FAQ
View File

@ -68,7 +68,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
OpenSSL 0.9.7c was released on September 30, 2003.
OpenSSL 0.9.7d was released on March 17, 2004.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@ -116,11 +116,14 @@ OpenSSL. Information on the OpenSSL mailing lists is available from
* Where can I get a compiled version of OpenSSL?
You can finder pointers to binary distributions in
http://www.openssl.org/related/binaries.html .
Some applications that use OpenSSL are distributed in binary form.
When using such an application, you don't need to install OpenSSL
yourself; the application will include the required parts (e.g. DLLs).
If you want to install OpenSSL on a Windows system and you don't have
If you want to build OpenSSL on a Windows system and you don't have
a C compiler, read the "Mingw32" section of INSTALL.W32 for information
on how to obtain and install the free GNU C compiler.

2
crypto/openssl/LICENSE
View File

@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions

10
crypto/openssl/Makefile.org
View File

@ -456,10 +456,12 @@ do_irix-shared:
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
( WHOLELIB="-all lib$$i.a -notall"; \
(${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
$${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
libs="-l$$i $$libs"; \
done; \
fi
@ -832,7 +834,7 @@ install: all install_docs
fi; \
fi
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
@ -857,6 +859,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@ -873,6 +876,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \

22
crypto/openssl/Makefile.ssl
View File

@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=0.9.7c
VERSION=0.9.7d
MAJOR=0
MINOR=9.7
SHLIB_VERSION_NUMBER=0.9.7
@ -12,9 +12,9 @@ SHLIB_VERSION_HISTORY=
SHLIB_MAJOR=0
SHLIB_MINOR=9.7
SHLIB_EXT=
PLATFORM=VC-WIN16
PLATFORM=dist
OPTIONS= no-krb5
CONFIGURE_ARGS=VC-WIN16
CONFIGURE_ARGS=dist
SHLIB_TARGET=
# HERE indicates where this Makefile lives. This can be used to indicate
@ -59,9 +59,9 @@ OPENSSLDIR=/usr/local/ssl
# equal 4.
# PKCS1_CHECK - pkcs1 tests.
CC= cl
CC= cc
#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
CFLAG= -DOPENSSL_SYSNAME_WIN16 -DOPENSSL_NO_KRB5
CFLAG= -DOPENSSL_NO_KRB5 -O
DEPFLAG=
PEX_LIBS=
EX_LIBS=
@ -69,7 +69,7 @@ EXE_EXT=
ARFLAGS=
AR=ar $(ARFLAGS) r
RANLIB= /usr/bin/ranlib
PERL= /usr/local/bin/perl5
PERL= /usr/local/bin/perl
TAR= tar
TARFLAGS= --no-recursion
MAKEDEPPROG=makedepend
@ -458,10 +458,12 @@ do_irix-shared:
if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
libs="$(LIBKRB5) $$libs"; \
fi; \
( set -x; ${CC} ${SHARED_LDFLAGS} \
( WHOLELIB="-all lib$$i.a -notall"; \
(${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
set -x; ${CC} ${SHARED_LDFLAGS} \
-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-all lib$$i.a $$libs ${EX_LIBS} -lc) || exit 1; \
$${WHOLELIB} $$libs ${EX_LIBS} -lc) || exit 1; \
libs="-l$$i $$libs"; \
done; \
fi
@ -834,7 +836,7 @@ install: all install_docs
fi; \
fi
cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig/openssl.pc
install_docs:
@$(PERL) $(TOP)/util/mkdir-p.pl \
@ -859,6 +861,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@ -875,6 +878,7 @@ install_docs:
> $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
$(PERL) util/extract-names.pl < $$i | \
grep -v $$filecase "^$$fn\$$" | \
grep -v "[ ]" | \
(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
while read n; do \
$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \

8
crypto/openssl/NEWS
View File

@ -5,6 +5,14 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
o Security: Fix null-pointer assignment in do_change_cipher_spec()
o Allow multiple active certificates with same subject in CA index
o Multiple X590 verification fixes
o Speed up HMAC and other operations
Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
o Security: fix various ASN1 parsing bugs.

4
crypto/openssl/README
View File

@ -1,7 +1,7 @@
OpenSSL 0.9.7c 30 Sep 2003
OpenSSL 0.9.7d 17 Mar 2004
Copyright (c) 1998-2003 The OpenSSL Project
Copyright (c) 1998-2004 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.

2
crypto/openssl/apps/CA.pl
View File

@ -1,4 +1,4 @@
#!/usr/bin/perl
#!/usr/local/bin/perl
#
# CA - wrapper around ca to make it easier to use ... basically ca requires
# some setup stuff to be done before you can use it and this makes

2
crypto/openssl/apps/Makefile.ssl
View File

@ -121,7 +121,7 @@ tags:
tests:
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff

563
crypto/openssl/apps/apps.c
View File

@ -501,7 +501,7 @@ static int ui_read(UI *ui, UI_STRING *uis)
{
const char *password =
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
if (password[0] != '\0')
if (password && password[0] != '\0')
{
UI_set_result(ui, uis, password);
return 1;
@ -525,7 +525,7 @@ static int ui_write(UI *ui, UI_STRING *uis)
{
const char *password =
((PW_CB_DATA *)UI_get0_user_data(ui))->password;
if (password[0] != '\0')
if (password && password[0] != '\0')
return 1;
}
default:
@ -1411,14 +1411,565 @@ int load_config(BIO *err, CONF *cnf)
char *make_config_name()
{
const char *t=X509_get_default_cert_area();
size_t len;
char *p;
p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
strcpy(p,t);
len=strlen(t)+strlen(OPENSSL_CONF)+2;
p=OPENSSL_malloc(len);
BUF_strlcpy(p,t,len);
#ifndef OPENSSL_SYS_VMS
strcat(p,"/");
BUF_strlcat(p,"/",len);
#endif
strcat(p,OPENSSL_CONF);
BUF_strlcat(p,OPENSSL_CONF,len);
return p;
}
static unsigned long index_serial_hash(const char **a)
{
const char *n;
n=a[DB_serial];
while (*n == '0') n++;
return(lh_strhash(n));
}
static int index_serial_cmp(const char **a, const char **b)
{
const char *aa,*bb;
for (aa=a[DB_serial]; *aa == '0'; aa++);
for (bb=b[DB_serial]; *bb == '0'; bb++);
return(strcmp(aa,bb));
}
static int index_name_qual(char **a)
{ return(a[0][0] == 'V'); }
static unsigned long index_name_hash(const char **a)
{ return(lh_strhash(a[DB_name])); }
int index_name_cmp(const char **a, const char **b)
{ return(strcmp(a[DB_name],
b[DB_name])); }
static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)
#undef BSIZE
#define BSIZE 256
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
{
BIO *in=NULL;
BIGNUM *ret=NULL;
MS_STATIC char buf[1024];
ASN1_INTEGER *ai=NULL;
ai=ASN1_INTEGER_new();
if (ai == NULL) goto err;
if ((in=BIO_new(BIO_s_file())) == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_read_filename(in,serialfile) <= 0)
{
if (!create)
{
perror(serialfile);
goto err;
}
else
{
ASN1_INTEGER_set(ai,1);
ret=BN_new();
if (ret == NULL)
BIO_printf(bio_err, "Out of memory\n");
else
BN_one(ret);
}
}
else
{
if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
{
BIO_printf(bio_err,"unable to load number from %s\n",
serialfile);
goto err;
}
ret=ASN1_INTEGER_to_BN(ai,NULL);
if (ret == NULL)
{
BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
goto err;
}
}
if (ret && retai)
{
*retai = ai;
ai = NULL;
}
err:
if (in != NULL) BIO_free(in);
if (ai != NULL) ASN1_INTEGER_free(ai);
return(ret);
}
int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai)
{
char buf[1][BSIZE];
BIO *out = NULL;
int ret=0;
ASN1_INTEGER *ai=NULL;
int j;
if (suffix == NULL)
j = strlen(serialfile);
else
j = strlen(serialfile) + strlen(suffix) + 1;
if (j >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
if (suffix == NULL)
BUF_strlcpy(buf[0], serialfile, BSIZE);
else
{
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
#endif
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
#endif
out=BIO_new(BIO_s_file());
if (out == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_write_filename(out,buf[0]) <= 0)
{
perror(serialfile);
goto err;
}
if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
{
BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
goto err;
}
i2a_ASN1_INTEGER(out,ai);
BIO_puts(out,"\n");
ret=1;
if (retai)
{
*retai = ai;
ai = NULL;
}
err:
if (out != NULL) BIO_free_all(out);
if (ai != NULL) ASN1_INTEGER_free(ai);
return(ret);
}
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
{
char buf[5][BSIZE];
int i,j;
struct stat sb;
i = strlen(serialfile) + strlen(old_suffix);
j = strlen(serialfile) + strlen(new_suffix);
if (i > j) j = i;
if (j + 1 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
serialfile, new_suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
serialfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
serialfile, old_suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
serialfile, old_suffix);
#endif
if (stat(serialfile,&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
serialfile, buf[1]);
#endif
if (rename(serialfile,buf[1]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
serialfile, buf[1]);
perror("reason");
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[0],serialfile);
#endif
if (rename(buf[0],serialfile) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[0],serialfile);
perror("reason");
rename(buf[1],serialfile);
goto err;
}
return 1;
err:
return 0;
}
CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
{
CA_DB *retdb = NULL;
TXT_DB *tmpdb = NULL;
BIO *in = BIO_new(BIO_s_file());
CONF *dbattr_conf = NULL;
char buf[1][BSIZE];
long errorline= -1;
if (in == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_read_filename(in,dbfile) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
goto err;
}
if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL)
{
if (tmpdb != NULL) TXT_DB_free(tmpdb);
goto err;
}
#ifndef OPENSSL_SYS_VMS
BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
#else
BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
#endif
dbattr_conf = NCONF_new(NULL);
if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0)
{
if (errorline > 0)
{
BIO_printf(bio_err,
"error on line %ld of db attribute file '%s'\n"
,errorline,buf[0]);
goto err;
}
else
{
NCONF_free(dbattr_conf);
dbattr_conf = NULL;
}
}
if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL)
{
fprintf(stderr, "Out of memory\n");
goto err;
}
retdb->db = tmpdb;
tmpdb = NULL;
if (db_attr)
retdb->attributes = *db_attr;
else
{
retdb->attributes.unique_subject = 1;
}
if (dbattr_conf)
{
char *p = NCONF_get_string(dbattr_conf,NULL,"unique_subject");
if (p)
{
BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
switch(*p)
{
case 'f': /* false */
case 'F': /* FALSE */
case 'n': /* no */
case 'N': /* NO */
retdb->attributes.unique_subject = 0;
break;
case 't': /* true */
case 'T': /* TRUE */
case 'y': /* yes */
case 'Y': /* YES */
default:
retdb->attributes.unique_subject = 1;
break;
}
}
}
err:
if (dbattr_conf) NCONF_free(dbattr_conf);
if (tmpdb) TXT_DB_free(tmpdb);
if (in) BIO_free_all(in);
return retdb;
}
int index_index(CA_DB *db)
{
if (!TXT_DB_create_index(db->db, DB_serial, NULL,
LHASH_HASH_FN(index_serial_hash),
LHASH_COMP_FN(index_serial_cmp)))
{
BIO_printf(bio_err,
"error creating serial number index:(%ld,%ld,%ld)\n",
db->db->error,db->db->arg1,db->db->arg2);
return 0;
}
if (db->attributes.unique_subject
&& !TXT_DB_create_index(db->db, DB_name, index_name_qual,
LHASH_HASH_FN(index_name_hash),
LHASH_COMP_FN(index_name_cmp)))
{
BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
db->db->error,db->db->arg1,db->db->arg2);
return 0;
}
return 1;
}
int save_index(char *dbfile, char *suffix, CA_DB *db)
{
char buf[3][BSIZE];
BIO *out = BIO_new(BIO_s_file());
int j;
if (out == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
j = strlen(dbfile) + strlen(suffix);
if (j + 6 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
#else
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
#endif
if (BIO_write_filename(out,buf[0]) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n", dbfile);
goto err;
}
j=TXT_DB_write(out,db->db);
if (j <= 0) goto err;
BIO_free(out);
out = BIO_new(BIO_s_file());
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
#endif
if (BIO_write_filename(out,buf[1]) <= 0)
{
perror(buf[2]);
BIO_printf(bio_err,"unable to open '%s'\n", buf[2]);
goto err;
}
BIO_printf(out,"unique_subject = %s\n",
db->attributes.unique_subject ? "yes" : "no");
BIO_free(out);
return 1;
err:
return 0;
}
int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
{
char buf[5][BSIZE];
int i,j;
struct stat sb;
i = strlen(dbfile) + strlen(old_suffix);
j = strlen(dbfile) + strlen(new_suffix);
if (i > j) j = i;
if (j + 6 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
#else
j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s",
dbfile, new_suffix);
#else
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s",
dbfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
dbfile, new_suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
dbfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
dbfile, old_suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
dbfile, old_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s",
dbfile, old_suffix);
#else
j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s",
dbfile, old_suffix);
#endif
if (stat(dbfile,&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
dbfile, buf[1]);
#endif
if (rename(dbfile,buf[1]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
dbfile, buf[1]);
perror("reason");
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[0],dbfile);
#endif
if (rename(buf[0],dbfile) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[0],dbfile);
perror("reason");
rename(buf[1],dbfile);
goto err;
}
if (stat(buf[4],&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[4],buf[3]);
#endif
if (rename(buf[4],buf[3]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[4], buf[3]);
perror("reason");
rename(dbfile,buf[0]);
rename(buf[1],dbfile);
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[2],buf[4]);
#endif
if (rename(buf[2],buf[4]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[2],buf[4]);
perror("reason");
rename(buf[3],buf[4]);
rename(dbfile,buf[0]);
rename(buf[1],dbfile);
goto err;
}
return 1;
err:
return 0;
}
void free_index(CA_DB *db)
{
TXT_DB_free(db->db);
OPENSSL_free(db);
}

33
crypto/openssl/apps/apps.h
View File

@ -287,7 +287,38 @@ char *make_config_name(void);
/* Functions defined in ca.c and also used in ocsp.c */
int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
ASN1_GENERALIZEDTIME **pinvtm, char *str);
int make_serial_index(TXT_DB *db);
#define DB_type 0
#define DB_exp_date 1
#define DB_rev_date 2
#define DB_serial 3 /* index - unique */
#define DB_file 4
#define DB_name 5 /* index - unique when active and not disabled */
#define DB_NUMBER 6
#define DB_TYPE_REV 'R'
#define DB_TYPE_EXP 'E'
#define DB_TYPE_VAL 'V'
typedef struct db_attr_st
{
int unique_subject;
} DB_ATTR;
typedef struct ca_db_st
{
DB_ATTR attributes;
TXT_DB *db;
} CA_DB;
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
int index_index(CA_DB *db);
int save_index(char *dbfile, char *suffix, CA_DB *db);
int rotate_index(char *dbfile, char *new_suffix, char *old_suffix);
void free_index(CA_DB *db);
int index_name_cmp(const char **a, const char **b);
X509_NAME *do_subject(char *str, long chtype);

10
crypto/openssl/apps/asn1pars.c
View File

@ -304,7 +304,15 @@ int MAIN(int argc, char **argv)
num=tmplen;
}
if (length == 0) length=(unsigned int)num;
if (offset >= num)
{
BIO_printf(bio_err, "Error: offset too large\n");
goto end;
}
num -= offset;
if ((length == 0) || ((long)length > num)) length=(unsigned int)num;
if(derout) {
if(BIO_write(derout, str + offset, length) != (int)length) {
BIO_printf(bio_err, "Error writing output\n");

549
crypto/openssl/apps/ca.c
View File

@ -122,6 +122,7 @@
#define ENV_NEW_CERTS_DIR "new_certs_dir"
#define ENV_CERTIFICATE "certificate"
#define ENV_SERIAL "serial"
#define ENV_CRLNUMBER "crlnumber"
#define ENV_CRL "crl"
#define ENV_PRIVATE_KEY "private_key"
#define ENV_RANDFILE "RANDFILE"
@ -143,18 +144,6 @@
#define ENV_DATABASE "database"
#define DB_type 0
#define DB_exp_date 1
#define DB_rev_date 2
#define DB_serial 3 /* index - unique */
#define DB_file 4
#define DB_name 5 /* index - unique for active */
#define DB_NUMBER 6
#define DB_TYPE_REV 'R'
#define DB_TYPE_EXP 'E'
#define DB_TYPE_VAL 'V'
/* Additional revocation information types */
#define REV_NONE 0 /* No addditional information */
@ -211,43 +200,36 @@ extern int EF_ALIGNMENT;
#endif
static void lookup_fail(char *name,char *tag);
static unsigned long index_serial_hash(const char **a);
static int index_serial_cmp(const char **a, const char **b);
static unsigned long index_name_hash(const char **a);
static int index_name_qual(char **a);
static int index_name_cmp(const char **a,const char **b);
static BIGNUM *load_serial(char *serialfile);
static int save_serial(char *serialfile, BIGNUM *serial);
static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,TXT_DB *db,
const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,CA_DB *db,
BIGNUM *serial, char *subj, int email_dn, char *startdate,
char *enddate, long days, int batch, char *ext_sect, CONF *conf,
int verbose, unsigned long certopt, unsigned long nameopt,
int default_op, int ext_copy);
static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
TXT_DB *db, BIGNUM *serial, char *subj, int email_dn,
CA_DB *db, BIGNUM *serial, char *subj, int email_dn,
char *startdate, char *enddate, long days, int batch,
char *ext_sect, CONF *conf,int verbose, unsigned long certopt,
unsigned long nameopt, int default_op, int ext_copy,
ENGINE *e);
static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
TXT_DB *db, BIGNUM *serial,char *subj, int email_dn,
CA_DB *db, BIGNUM *serial,char *subj, int email_dn,
char *startdate, char *enddate, long days, char *ext_sect,
CONF *conf, int verbose, unsigned long certopt,
unsigned long nameopt, int default_op, int ext_copy);
static int fix_data(int nid, int *type);
static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext);
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial,char *subj,
STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,
int email_dn, char *startdate, char *enddate, long days, int batch,
int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
unsigned long certopt, unsigned long nameopt, int default_op,
int ext_copy);
static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval);
static int get_certificate_status(const char *ser_status, TXT_DB *db);
static int do_updatedb(TXT_DB *db);
static int do_revoke(X509 *x509, CA_DB *db, int ext, char *extval);
static int get_certificate_status(const char *ser_status, CA_DB *db);
static int do_updatedb(CA_DB *db);
static int check_time_format(char *str);
char *make_revocation_str(int rev_type, char *rev_arg);
int make_revoked(X509_REVOKED *rev, char *str);
@ -259,11 +241,6 @@ static char *section=NULL;
static int preserve=0;
static int msie_hack=0;
static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **)
static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **)
static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **)
int MAIN(int, char **);
@ -300,6 +277,7 @@ int MAIN(int argc, char **argv)
char *outfile=NULL;
char *outdir=NULL;
char *serialfile=NULL;
char *crlnumberfile=NULL;
char *extensions=NULL;
char *extfile=NULL;
char *subj=NULL;
@ -308,6 +286,7 @@ int MAIN(int argc, char **argv)
int rev_type = REV_NONE;
char *rev_arg = NULL;
BIGNUM *serial=NULL;
BIGNUM *crlnumber=NULL;
char *startdate=NULL;
char *enddate=NULL;
long days=0;
@ -320,14 +299,13 @@ int MAIN(int argc, char **argv)
X509 *x=NULL;
BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL;
char *dbfile=NULL;
TXT_DB *db=NULL;
CA_DB *db=NULL;
X509_CRL *crl=NULL;
X509_REVOKED *r=NULL;
ASN1_TIME *tmptm;
ASN1_INTEGER *tmpser;
char **pp,*p,*f;
int i,j;
long l;
const EVP_MD *dgst=NULL;
STACK_OF(CONF_VALUE) *attribs=NULL;
STACK_OF(X509) *cert_sk=NULL;
@ -339,6 +317,7 @@ int MAIN(int argc, char **argv)
char *engine = NULL;
#endif
char *tofree=NULL;
DB_ATTR db_attr;
#ifdef EFENCE
EF_PROTECT_FREE=1;
@ -579,16 +558,19 @@ EF_ALIGNMENT=0;
if (configfile == NULL)
{
const char *s=X509_get_default_cert_area();
size_t len;
#ifdef OPENSSL_SYS_VMS
tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
len = strlen(s)+sizeof(CONFIG_FILE);
tofree=OPENSSL_malloc(len);
strcpy(tofree,s);
#else
tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
strcpy(tofree,s);
strcat(tofree,"/");
len = strlen(s)+sizeof(CONFIG_FILE)+1;
tofree=OPENSSL_malloc(len);
BUF_strlcpy(tofree,s,len);
BUF_strlcat(tofree,"/",len);
#endif
strcat(tofree,CONFIG_FILE);
BUF_strlcat(tofree,CONFIG_FILE,len);
configfile=tofree;
}
@ -659,6 +641,39 @@ EF_ALIGNMENT=0;
if (randfile == NULL)
ERR_clear_error();
app_RAND_load_file(randfile, bio_err, 0);
db_attr.unique_subject = 1;
p = NCONF_get_string(conf, section, "unique_subject");
if (p)
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: unique_subject = \"%s\"\n", p);
#endif
switch(*p)
{
case 'f': /* false */
case 'F': /* FALSE */
case 'n': /* no */
case 'N': /* NO */
db_attr.unique_subject = 0;
break;
case 't': /* true */
case 'T': /* TRUE */
case 'y': /* yes */
case 'Y': /* YES */
default:
db_attr.unique_subject = 1;
break;
}
}
#ifdef RL_DEBUG
else
BIO_printf(bio_err, "DEBUG: unique_subject undefined\n", p);
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: configured unique_subject is %d\n",
db_attr.unique_subject);
#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
@ -679,17 +694,10 @@ EF_ALIGNMENT=0;
lookup_fail(section,ENV_DATABASE);
goto err;
}
if (BIO_read_filename(in,dbfile) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
goto err;
}
db=TXT_DB_read(in,DB_NUMBER);
db = load_index(dbfile,&db_attr);
if (db == NULL) goto err;
if (!make_serial_index(db))
goto err;
if (!index_index(db)) goto err;
if (get_certificate_status(ser_status,db) != 1)
BIO_printf(bio_err,"Error verifying serial %s!\n",
@ -849,19 +857,13 @@ EF_ALIGNMENT=0;
lookup_fail(section,ENV_DATABASE);
goto err;
}
if (BIO_read_filename(in,dbfile) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
goto err;
}
db=TXT_DB_read(in,DB_NUMBER);
db = load_index(dbfile, &db_attr);
if (db == NULL) goto err;
/* Lets check some fields */
for (i=0; i<sk_num(db->data); i++)
for (i=0; i<sk_num(db->db->data); i++)
{
pp=(char **)sk_value(db->data,i);
pp=(char **)sk_value(db->db->data,i);
if ((pp[DB_type][0] != DB_TYPE_REV) &&
(pp[DB_rev_date][0] != '\0'))
{
@ -912,23 +914,13 @@ EF_ALIGNMENT=0;
out = BIO_push(tmpbio, out);
}
#endif
TXT_DB_write(out,db);
TXT_DB_write(out,db->db);
BIO_printf(bio_err,"%d entries loaded from the database\n",
db->data->num);
db->db->data->num);
BIO_printf(bio_err,"generating index\n");
}
if (!make_serial_index(db))
goto err;
if (!TXT_DB_create_index(db, DB_name, index_name_qual,
LHASH_HASH_FN(index_name_hash),
LHASH_COMP_FN(index_name_cmp)))
{
BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
db->error,db->arg1,db->arg2);
goto err;
}
if (!index_index(db)) goto err;
/*****************************************************************/
/* Update the db file for expired certificates */
@ -951,62 +943,9 @@ EF_ALIGNMENT=0;
}
else
{
out = BIO_new(BIO_s_file());
if (out == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.new", dbfile);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-new", dbfile);
#endif
if (j < 0 || j >= sizeof buf[0])
{
BIO_printf(bio_err, "file name too long\n");
goto err;
}
if (BIO_write_filename(out,buf[0]) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",
dbfile);
goto err;
}
j=TXT_DB_write(out,db);
if (j <= 0) goto err;
BIO_free(out);
out = NULL;
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.old", dbfile);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-old", dbfile);
#endif
if (j < 0 || j >= sizeof buf[1])
{
BIO_printf(bio_err, "file name too long\n");
goto err;
}
if (rename(dbfile,buf[1]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
dbfile, buf[1]);
perror("reason");
goto err;
}
if (rename(buf[0],dbfile) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[0],dbfile);
perror("reason");
rename(buf[1],dbfile);
goto err;
}
if (!save_index(dbfile,"new",db)) goto err;
if (!rotate_index(dbfile,"new","old")) goto err;
if (verbose) BIO_printf(bio_err,
"Done. %d entries marked as expired\n",i);
@ -1167,7 +1106,7 @@ EF_ALIGNMENT=0;
goto err;
}
if ((serial=load_serial(serialfile)) == NULL)
if ((serial=load_serial(serialfile, 0, NULL)) == NULL)
{
BIO_printf(bio_err,"error while loading serial number\n");
goto err;
@ -1301,38 +1240,9 @@ EF_ALIGNMENT=0;
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
if(strlen(serialfile) > BSIZE-5 || strlen(dbfile) > BSIZE-5)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
if (!save_serial(serialfile,"new",serial,NULL)) goto err;
strcpy(buf[0],serialfile);
#ifdef OPENSSL_SYS_VMS
strcat(buf[0],"-new");
#else
strcat(buf[0],".new");
#endif
if (!save_serial(buf[0],serial)) goto err;
strcpy(buf[1],dbfile);
#ifdef OPENSSL_SYS_VMS
strcat(buf[1],"-new");
#else
strcat(buf[1],".new");
#endif
if (BIO_write_filename(out,buf[1]) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
goto err;
}
l=TXT_DB_write(out,db);
if (l <= 0) goto err;
if (!save_index(dbfile, "new", db)) goto err;
}
if (verbose)
@ -1340,7 +1250,7 @@ EF_ALIGNMENT=0;
for (i=0; i<sk_X509_num(cert_sk); i++)
{
int k;
unsigned char *n;
char *n;
x=sk_X509_value(cert_sk,i);
@ -1356,15 +1266,19 @@ EF_ALIGNMENT=0;
strcpy(buf[2],outdir);
#ifndef OPENSSL_SYS_VMS
strcat(buf[2],"/");
BUF_strlcat(buf[2],"/",sizeof(buf[2]));
#endif
n=(unsigned char *)&(buf[2][strlen(buf[2])]);
n=(char *)&(buf[2][strlen(buf[2])]);
if (j > 0)
{
for (k=0; k<j; k++)
{
sprintf((char *)n,"%02X",(unsigned char)*(p++));
if (n >= &(buf[2][sizeof(buf[2])]))
break;
BIO_snprintf(n,
&buf[2][0] + sizeof(buf[2]) - n,
"%02X",(unsigned char)*(p++));
n+=2;
}
}
@ -1390,59 +1304,10 @@ EF_ALIGNMENT=0;
if (sk_X509_num(cert_sk))
{
/* Rename the database and the serial file */
strncpy(buf[2],serialfile,BSIZE-4);
buf[2][BSIZE-4]='\0';
if (!rotate_serial(serialfile,"new","old")) goto err;
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
#else
strcat(buf[2],".old");
#endif
if (!rotate_index(dbfile,"new","old")) goto err;
BIO_free(in);
BIO_free_all(out);
in=NULL;
out=NULL;
if (rename(serialfile,buf[2]) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n",
serialfile,buf[2]);
perror("reason");
goto err;
}
if (rename(buf[0],serialfile) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n",
buf[0],serialfile);
perror("reason");
rename(buf[2],serialfile);
goto err;
}
strncpy(buf[2],dbfile,BSIZE-4);
buf[2][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
#else
strcat(buf[2],".old");
#endif
if (rename(dbfile,buf[2]) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n",
dbfile,buf[2]);
perror("reason");
goto err;
}
if (rename(buf[1],dbfile) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n",
buf[1],dbfile);
perror("reason");
rename(buf[2],dbfile);
goto err;
}
BIO_printf(bio_err,"Data Base Updated\n");
}
}
@ -1473,6 +1338,14 @@ EF_ALIGNMENT=0;
}
}
if ((crlnumberfile=NCONF_get_string(conf,section,ENV_CRLNUMBER))
!= NULL)
if ((crlnumber=load_serial(crlnumberfile,0,NULL)) == NULL)
{
BIO_printf(bio_err,"error while loading CRL number\n");
goto err;
}
if (!crldays && !crlhours)
{
if (!NCONF_get_number(conf,section,
@ -1501,9 +1374,9 @@ EF_ALIGNMENT=0;
ASN1_TIME_free(tmptm);
for (i=0; i<sk_num(db->data); i++)
for (i=0; i<sk_num(db->db->data); i++)
{
pp=(char **)sk_value(db->data,i);
pp=(char **)sk_value(db->db->data,i);
if (pp[DB_type][0] == DB_TYPE_REV)
{
if ((r=X509_REVOKED_new()) == NULL) goto err;
@ -1549,14 +1422,24 @@ EF_ALIGNMENT=0;
/* Add any extensions asked for */
if (crl_ext)
if (crl_ext || crlnumberfile != NULL)
{
X509V3_CTX crlctx;
X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0);
X509V3_set_nconf(&crlctx, conf);
if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx,
crl_ext, crl)) goto err;
if (crl_ext)
if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx,
crl_ext, crl)) goto err;
if (crlnumberfile != NULL)
{
tmpser = BN_to_ASN1_INTEGER(crlnumber, NULL);
if (!tmpser) goto err;
X509_CRL_add1_ext_i2d(crl,NID_crl_number,tmpser,0,0);
ASN1_INTEGER_free(tmpser);
crl_v2 = 1;
if (!BN_add_word(crlnumber,1)) goto err;
}
}
if (crl_ext || crl_v2)
{
@ -1564,9 +1447,17 @@ EF_ALIGNMENT=0;
goto err; /* version 2 CRL */
}
if (crlnumberfile != NULL) /* we have a CRL number that need updating */
if (!save_serial(crlnumberfile,"new",crlnumber,NULL)) goto err;
if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
PEM_write_bio_X509_CRL(Sout,crl);
if (crlnumberfile != NULL) /* Rename the crlnumber file */
if (!rotate_serial(crlnumberfile,"new","old")) goto err;
}
/*****************************************************************/
if (dorevoke)
@ -1587,50 +1478,10 @@ EF_ALIGNMENT=0;
if (j <= 0) goto err;
X509_free(revcert);
if(strlen(dbfile) > BSIZE-5)
{
BIO_printf(bio_err,"filename too long\n");
goto err;
}
if (!save_index(dbfile, "new", db)) goto err;
if (!rotate_index(dbfile, "new", "old")) goto err;
strcpy(buf[0],dbfile);
#ifndef OPENSSL_SYS_VMS
strcat(buf[0],".new");
#else
strcat(buf[0],"-new");
#endif
if (BIO_write_filename(out,buf[0]) <= 0)
{
perror(dbfile);
BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
goto err;
}
j=TXT_DB_write(out,db);
if (j <= 0) goto err;
BIO_free_all(out);
out = NULL;
BIO_free_all(in);
in = NULL;
strncpy(buf[1],dbfile,BSIZE-4);
buf[1][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[1],".old");
#else
strcat(buf[1],"-old");
#endif
if (rename(dbfile,buf[1]) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
perror("reason");
goto err;
}
if (rename(buf[0],dbfile) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n", buf[0],dbfile);
perror("reason");
rename(buf[1],dbfile);
goto err;
}
BIO_printf(bio_err,"Data Base Updated\n");
}
}
@ -1652,7 +1503,7 @@ EF_ALIGNMENT=0;
if (free_key && key)
OPENSSL_free(key);
BN_free(serial);
TXT_DB_free(db);
free_index(db);
EVP_PKEY_free(pkey);
X509_free(x509);
X509_CRL_free(crl);
@ -1667,106 +1518,8 @@ static void lookup_fail(char *name, char *tag)
BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
}
static unsigned long index_serial_hash(const char **a)
{
const char *n;
n=a[DB_serial];
while (*n == '0') n++;
return(lh_strhash(n));
}
static int index_serial_cmp(const char **a, const char **b)
{
const char *aa,*bb;
for (aa=a[DB_serial]; *aa == '0'; aa++);
for (bb=b[DB_serial]; *bb == '0'; bb++);
return(strcmp(aa,bb));
}
static unsigned long index_name_hash(const char **a)
{ return(lh_strhash(a[DB_name])); }
static int index_name_qual(char **a)
{ return(a[0][0] == 'V'); }
static int index_name_cmp(const char **a, const char **b)
{ return(strcmp(a[DB_name],
b[DB_name])); }
static BIGNUM *load_serial(char *serialfile)
{
BIO *in=NULL;
BIGNUM *ret=NULL;
MS_STATIC char buf[1024];
ASN1_INTEGER *ai=NULL;
if ((in=BIO_new(BIO_s_file())) == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_read_filename(in,serialfile) <= 0)
{
perror(serialfile);
goto err;
}
ai=ASN1_INTEGER_new();
if (ai == NULL) goto err;
if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
{
BIO_printf(bio_err,"unable to load number from %s\n",
serialfile);
goto err;
}
ret=ASN1_INTEGER_to_BN(ai,NULL);
if (ret == NULL)
{
BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
goto err;
}
err:
if (in != NULL) BIO_free(in);
if (ai != NULL) ASN1_INTEGER_free(ai);
return(ret);
}
static int save_serial(char *serialfile, BIGNUM *serial)
{
BIO *out;
int ret=0;
ASN1_INTEGER *ai=NULL;
out=BIO_new(BIO_s_file());
if (out == NULL)
{
ERR_print_errors(bio_err);
goto err;
}
if (BIO_write_filename(out,serialfile) <= 0)
{
perror(serialfile);
goto err;
}
if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
{
BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
goto err;
}
i2a_ASN1_INTEGER(out,ai);
BIO_puts(out,"\n");
ret=1;
err:
if (out != NULL) BIO_free_all(out);
if (ai != NULL) ASN1_INTEGER_free(ai);
return(ret);
}
static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate,
long days, int batch, char *ext_sect, CONF *lconf, int verbose,
unsigned long certopt, unsigned long nameopt, int default_op,
@ -1828,7 +1581,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
}
static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate,
long days, int batch, char *ext_sect, CONF *lconf, int verbose,
unsigned long certopt, unsigned long nameopt, int default_op,
@ -1882,7 +1635,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
}
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial, char *subj,
STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial, char *subj,
int email_dn, char *startdate, char *enddate, long days, int batch,
int verbose, X509_REQ *req, char *ext_sect, CONF *lconf,
unsigned long certopt, unsigned long nameopt, int default_op,
@ -1900,7 +1653,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
int ok= -1,i,j,last,nid;
char *p;
CONF_VALUE *cv;
char *row[DB_NUMBER],**rrow,**irow=NULL;
char *row[DB_NUMBER],**rrow=NULL,**irow=NULL;
char buf[25];
tmptm=ASN1_UTCTIME_new();
@ -2137,15 +1890,19 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
goto err;
}
rrow=TXT_DB_get_by_index(db,DB_name,row);
if (rrow != NULL)
if (db->attributes.unique_subject)
{
BIO_printf(bio_err,"ERROR:There is already a certificate for %s\n",
row[DB_name]);
rrow=TXT_DB_get_by_index(db->db,DB_name,row);
if (rrow != NULL)
{
BIO_printf(bio_err,
"ERROR:There is already a certificate for %s\n",
row[DB_name]);
}
}
else
if (rrow == NULL)
{
rrow=TXT_DB_get_by_index(db,DB_serial,row);
rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
if (rrow != NULL)
{
BIO_printf(bio_err,"ERROR:Serial number %s has already been issued,\n",
@ -2352,7 +2109,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
}
strcpy(row[DB_file],"unknown");
BUF_strlcpy(row[DB_file],"unknown",8);
row[DB_type][0]='V';
row[DB_type][1]='\0';
@ -2369,10 +2126,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
}
irow[DB_NUMBER]=NULL;
if (!TXT_DB_insert(db,irow))
if (!TXT_DB_insert(db->db,irow))
{
BIO_printf(bio_err,"failed to update database\n");
BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error);
BIO_printf(bio_err,"TXT_DB error number %ld\n",db->db->error);
goto err;
}
ok=1;
@ -2423,7 +2180,7 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext)
}
static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, CA_DB *db,
BIGNUM *serial, char *subj, int email_dn, char *startdate, char *enddate,
long days, char *ext_sect, CONF *lconf, int verbose, unsigned long certopt,
unsigned long nameopt, int default_op, int ext_copy)
@ -2602,7 +2359,7 @@ static int check_time_format(char *str)
return(ASN1_UTCTIME_check(&tm));
}
static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
{
ASN1_UTCTIME *tm=NULL;
char *row[DB_NUMBER],**rrow,**irow;
@ -2627,10 +2384,10 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
/* We have to lookup by serial number because name lookup
* skips revoked certs
*/
rrow=TXT_DB_get_by_index(db,DB_serial,row);
rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
if (rrow == NULL)
{
BIO_printf(bio_err,"Adding Entry to DB for %s\n", row[DB_name]);
BIO_printf(bio_err,"Adding Entry with serial number %s to DB for %s\n", row[DB_serial], row[DB_name]);
/* We now just add it to the database */
row[DB_type]=(char *)OPENSSL_malloc(2);
@ -2653,7 +2410,7 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
}
strcpy(row[DB_file],"unknown");
BUF_strlcpy(row[DB_file],"unknown",8);
row[DB_type][0]='V';
row[DB_type][1]='\0';
@ -2670,10 +2427,10 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
}
irow[DB_NUMBER]=NULL;
if (!TXT_DB_insert(db,irow))
if (!TXT_DB_insert(db->db,irow))
{
BIO_printf(bio_err,"failed to update database\n");
BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error);
BIO_printf(bio_err,"TXT_DB error number %ld\n",db->db->error);
goto err;
}
@ -2718,7 +2475,7 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
return(ok);
}
static int get_certificate_status(const char *serial, TXT_DB *db)
static int get_certificate_status(const char *serial, CA_DB *db)
{
char *row[DB_NUMBER],**rrow;
int ok=-1,i;
@ -2759,7 +2516,7 @@ static int get_certificate_status(const char *serial, TXT_DB *db)
ok=1;
/* Search for the certificate */
rrow=TXT_DB_get_by_index(db,DB_serial,row);
rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
if (rrow == NULL)
{
BIO_printf(bio_err,"Serial %s not present in db.\n",
@ -2806,7 +2563,7 @@ static int get_certificate_status(const char *serial, TXT_DB *db)
return(ok);
}
static int do_updatedb (TXT_DB *db)
static int do_updatedb (CA_DB *db)
{
ASN1_UTCTIME *a_tm = NULL;
int i, cnt = 0;
@ -2832,9 +2589,9 @@ static int do_updatedb (TXT_DB *db)
else
a_y2k = 0;
for (i = 0; i < sk_num(db->data); i++)
for (i = 0; i < sk_num(db->db->data); i++)
{
rrow = (char **) sk_value(db->data, i);
rrow = (char **) sk_value(db->db->data, i);
if (rrow[DB_type][0] == 'V')
{
@ -2977,16 +2734,16 @@ char *make_revocation_str(int rev_type, char *rev_arg)
if (!str) return NULL;
strcpy(str, (char *)revtm->data);
BUF_strlcpy(str, (char *)revtm->data, i);
if (reason)
{
strcat(str, ",");
strcat(str, reason);
BUF_strlcat(str, ",", i);
BUF_strlcat(str, reason, i);
}
if (other)
{
strcat(str, ",");
strcat(str, other);
BUF_strlcat(str, ",", i);
BUF_strlcat(str, other, i);
}
ASN1_UTCTIME_free(revtm);
return str;
@ -3321,17 +3078,3 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_G
return ret;
}
int make_serial_index(TXT_DB *db)
{
if (!TXT_DB_create_index(db, DB_serial, NULL,
LHASH_HASH_FN(index_serial_hash),
LHASH_COMP_FN(index_serial_cmp)))
{
BIO_printf(bio_err,
"error creating serial number index:(%ld,%ld,%ld)\n",
db->error,db->arg1,db->arg2);
return 0;
}
return 1;
}

2
crypto/openssl/apps/der_chop
View File

@ -1,4 +1,4 @@
#!/usr/bin/perl
#!/usr/local/bin/perl
#
# der_chop ... this is one total hack that Eric is really not proud of
# so don't look at it and don't ask for support

5
crypto/openssl/apps/dgst.c
View File

@ -347,8 +347,9 @@ int MAIN(int argc, char **argv)
}
if(!out_bin)
{
tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
sprintf(tmp,"%s(%s)= ",name,argv[i]);
size_t len = strlen(name)+strlen(argv[i])+5;
tmp=tofree=OPENSSL_malloc(len);
BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
}
else
tmp="";

6
crypto/openssl/apps/enc.c
View File

@ -373,9 +373,9 @@ int MAIN(int argc, char **argv)
{
char buf[200];
sprintf(buf,"enter %s %s password:",
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
(enc)?"encryption":"decryption");
BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
(enc)?"encryption":"decryption");
strbuf[0]='\0';
i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
if (i == 0)

4
crypto/openssl/apps/engine.c
View File

@ -122,8 +122,8 @@ static int append_buf(char **buf, const char *s, int *size, int step)
return 0;
if (**buf != '\0')
strcat(*buf, ", ");
strcat(*buf, s);
BUF_strlcat(*buf, ", ", *size);
BUF_strlcat(*buf, s, *size);
return 1;
}

46
crypto/openssl/apps/ocsp.c
View File

@ -68,19 +68,6 @@
/* Maximum leeway in validity period: default 5 minutes */
#define MAX_VALIDITY_PERIOD (5 * 60)
/* CA index.txt definitions */
#define DB_type 0
#define DB_exp_date 1
#define DB_rev_date 2
#define DB_serial 3 /* index - unique */
#define DB_file 4
#define DB_name 5 /* index - unique for active */
#define DB_NUMBER 6
#define DB_TYPE_REV 'R'
#define DB_TYPE_EXP 'E'
#define DB_TYPE_VAL 'V'
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
STACK_OF(OCSP_CERTID) *ids);
static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509 *issuer,
@ -89,12 +76,12 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
STACK *names, STACK_OF(OCSP_CERTID) *ids,
long nsec, long maxage);
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
X509 *ca, X509 *rcert, EVP_PKEY *rkey,
STACK_OF(X509) *rother, unsigned long flags,
int nmin, int ndays);
static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser);
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
static BIO *init_responder(char *port);
static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, char *port);
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
@ -143,7 +130,7 @@ int MAIN(int argc, char **argv)
X509 *rca_cert = NULL;
char *ridx_filename = NULL;
char *rca_filename = NULL;
TXT_DB *rdb = NULL;
CA_DB *rdb = NULL;
int nmin = 0, ndays = -1;
if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
@ -700,22 +687,9 @@ int MAIN(int argc, char **argv)
if (ridx_filename && !rdb)
{
BIO *db_bio = NULL;
db_bio = BIO_new_file(ridx_filename, "r");
if (!db_bio)
{
BIO_printf(bio_err, "Error opening index file %s\n", ridx_filename);
goto end;
}
rdb = TXT_DB_read(db_bio, DB_NUMBER);
BIO_free(db_bio);
if (!rdb)
{
BIO_printf(bio_err, "Error reading index file %s\n", ridx_filename);
goto end;
}
if (!make_serial_index(rdb))
goto end;
rdb = load_index(ridx_filename, NULL);
if (!rdb) goto end;
if (!index_index(rdb)) goto end;
}
if (rdb)
@ -899,7 +873,7 @@ int MAIN(int argc, char **argv)
X509_free(cert);
X509_free(rsigner);
X509_free(rca_cert);
TXT_DB_free(rdb);
free_index(rdb);
BIO_free_all(cbio);
BIO_free_all(acbio);
BIO_free(out);
@ -1041,7 +1015,7 @@ static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
}
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *db,
static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db,
X509 *ca, X509 *rcert, EVP_PKEY *rkey,
STACK_OF(X509) *rother, unsigned long flags,
int nmin, int ndays)
@ -1133,7 +1107,7 @@ static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, TXT_DB *d
}
static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
{
int i;
BIGNUM *bn = NULL;
@ -1146,7 +1120,7 @@ static char **lookup_serial(TXT_DB *db, ASN1_INTEGER *ser)
itmp = BN_bn2hex(bn);
row[DB_serial] = itmp;
BN_free(bn);
rrow=TXT_DB_get_by_index(db,DB_serial,row);
rrow=TXT_DB_get_by_index(db->db,DB_serial,row);
OPENSSL_free(itmp);
return rrow;
}

5
crypto/openssl/apps/openssl.cnf
View File

@ -38,10 +38,14 @@ dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
#crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
@ -58,6 +62,7 @@ cert_opt = ca_default # Certificate field options
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for

4
crypto/openssl/apps/pkcs12.c
View File

@ -557,7 +557,7 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "Can't read Password\n");
goto export_end;
}
if (!twopass) strcpy(macpass, pass);
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
/* Turn certbags into encrypted authsafe */
authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
iter, bags);
@ -658,7 +658,7 @@ int MAIN(int argc, char **argv)
CRYPTO_pop_info();
#endif
if (!twopass) strcpy(macpass, pass);
if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if(macver) {

3
crypto/openssl/apps/pkcs7.c
View File

@ -102,6 +102,9 @@ int MAIN(int argc, char **argv)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
if (!load_config(bio_err, NULL))
goto end;
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;

42
crypto/openssl/apps/req.c
View File

@ -824,7 +824,7 @@ int MAIN(int argc, char **argv)
if ((x509ss=X509_new()) == NULL) goto end;
/* Set version to V3 */
if(!X509_set_version(x509ss, 2)) goto end;
if(extensions && !X509_set_version(x509ss, 2)) goto end;
if (serial)
{
if (!X509_set_serialNumber(x509ss, serial)) goto end;
@ -1223,34 +1223,34 @@ start: for (;;)
}
/* If OBJ not recognised ignore it */
if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
if(strlen(v->name) > sizeof buf-9)
if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name)
>= sizeof buf)
{
BIO_printf(bio_err,"Name '%s' too long\n",v->name);
return 0;
}
sprintf(buf,"%s_default",v->name);
if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
{
ERR_clear_error();
def="";
}
sprintf(buf,"%s_value",v->name);
BIO_snprintf(buf,sizeof buf,"%s_value",v->name);
if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
{
ERR_clear_error();
value=NULL;
}
sprintf(buf,"%s_min",v->name);
BIO_snprintf(buf,sizeof buf,"%s_min",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
{
ERR_clear_error();
n_min = -1;
}
sprintf(buf,"%s_max",v->name);
BIO_snprintf(buf,sizeof buf,"%s_max",v->name);
if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
{
ERR_clear_error();
@ -1288,13 +1288,13 @@ start2: for (;;)
if ((nid=OBJ_txt2nid(type)) == NID_undef)
goto start2;
if(strlen(v->name) > sizeof buf-9)
if (BIO_snprintf(buf,sizeof buf,"%s_default",type)
>= sizeof buf)
{
BIO_printf(bio_err,"Name '%s' too long\n",v->name);
return 0;
}
sprintf(buf,"%s_default",type);
if ((def=NCONF_get_string(req_conf,attr_sect,buf))
== NULL)
{
@ -1303,7 +1303,7 @@ start2: for (;;)
}
sprintf(buf,"%s_value",type);
BIO_snprintf(buf,sizeof buf,"%s_value",type);
if ((value=NCONF_get_string(req_conf,attr_sect,buf))
== NULL)
{
@ -1311,11 +1311,11 @@ start2: for (;;)
value=NULL;
}
sprintf(buf,"%s_min",type);
BIO_snprintf(buf,sizeof buf,"%s_min",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
n_min = -1;
sprintf(buf,"%s_max",type);
BIO_snprintf(buf,sizeof buf,"%s_max",type);
if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
n_max = -1;
@ -1397,9 +1397,8 @@ static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
(void)BIO_flush(bio_err);
if(value != NULL)
{
OPENSSL_assert(strlen(value) < sizeof buf-2);
strcpy(buf,value);
strcat(buf,"\n");
BUF_strlcpy(buf,value,sizeof buf);
BUF_strlcat(buf,"\n",sizeof buf);
BIO_printf(bio_err,"%s\n",value);
}
else
@ -1421,8 +1420,8 @@ static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
{
if ((def == NULL) || (def[0] == '\0'))
return(1);
strcpy(buf,def);
strcat(buf,"\n");
BUF_strlcpy(buf,def,sizeof buf);
BUF_strlcat(buf,"\n",sizeof buf);
}
else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
@ -1456,9 +1455,8 @@ static int add_attribute_object(X509_REQ *req, char *text,
(void)BIO_flush(bio_err);
if (value != NULL)
{
OPENSSL_assert(strlen(value) < sizeof buf-2);
strcpy(buf,value);
strcat(buf,"\n");
BUF_strlcpy(buf,value,sizeof buf);
BUF_strlcat(buf,"\n",sizeof buf);
BIO_printf(bio_err,"%s\n",value);
}
else
@ -1480,8 +1478,8 @@ static int add_attribute_object(X509_REQ *req, char *text,
{
if ((def == NULL) || (def[0] == '\0'))
return(1);
strcpy(buf,def);
strcat(buf,"\n");
BUF_strlcpy(buf,def,sizeof buf);
BUF_strlcat(buf,"\n",sizeof buf);
}
else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);

12
crypto/openssl/apps/rsautl.c
View File

@ -97,6 +97,7 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
char *passargin = NULL, *passin = NULL;
int rsa_inlen, rsa_outlen = 0;
int keysize;
@ -124,6 +125,9 @@ int MAIN(int argc, char **argv)
} else if(!strcmp(*argv, "-inkey")) {
if (--argc < 1) badarg = 1;
keyfile = *(++argv);
} else if (!strcmp(*argv,"-passin")) {
if (--argc < 1) badarg = 1;
passargin= *(++argv);
} else if (strcmp(*argv,"-keyform") == 0) {
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
@ -169,6 +173,10 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
@ -176,7 +184,7 @@ int MAIN(int argc, char **argv)
switch(key_type) {
case KEY_PRIVKEY:
pkey = load_key(bio_err, keyfile, keyform, 0,
NULL, e, "Private Key");
passin, e, "Private Key");
break;
case KEY_PUBKEY:
@ -290,6 +298,7 @@ int MAIN(int argc, char **argv)
BIO_free_all(out);
if(rsa_in) OPENSSL_free(rsa_in);
if(rsa_out) OPENSSL_free(rsa_out);
if(passin) OPENSSL_free(passin);
return ret;
}
@ -313,6 +322,7 @@ static void usage()
BIO_printf(bio_err, "-hexdump hex dump output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
BIO_printf (bio_err, "-passin arg pass phrase source\n");
#endif
}

2
crypto/openssl/apps/s_socket.c
View File

@ -389,7 +389,7 @@ static int do_accept(int acc_sock, int *sock, char **host)
perror("OPENSSL_malloc");
return(0);
}
strcpy(*host,h1->h_name);
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
h2=GetHostByName(*host);
if (h2 == NULL)

6
crypto/openssl/apps/s_time.c
View File

@ -502,7 +502,7 @@ int MAIN(int argc, char **argv)
if (s_www_path != NULL)
{
sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
bytes_read+=i;
@ -557,7 +557,7 @@ int MAIN(int argc, char **argv)
if (s_www_path != NULL)
{
sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while (SSL_read(scon,buf,sizeof(buf)) > 0)
;
@ -595,7 +595,7 @@ int MAIN(int argc, char **argv)
if (s_www_path)
{
sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
SSL_write(scon,buf,strlen(buf));
while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
bytes_read+=i;

7
crypto/openssl/apps/speed.c
View File

@ -773,6 +773,7 @@ int MAIN(int argc, char **argv)
{
dsa_doit[R_DSA_512]=1;
dsa_doit[R_DSA_1024]=1;
dsa_doit[R_DSA_2048]=1;
}
else
#endif
@ -1006,6 +1007,9 @@ int MAIN(int argc, char **argv)
c[D_CBC_RC5][0]=count;
c[D_CBC_BF][0]=count;
c[D_CBC_CAST][0]=count;
c[D_CBC_128_AES][0]=count;
c[D_CBC_192_AES][0]=count;
c[D_CBC_256_AES][0]=count;
for (i=1; i<SIZE_NUM; i++)
{
@ -1031,6 +1035,9 @@ int MAIN(int argc, char **argv)
c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1;
c[D_CBC_128_AES][i]=c[D_CBC_128_AES][i-1]*l0/l1;
c[D_CBC_192_AES][i]=c[D_CBC_192_AES][i-1]*l0/l1;
c[D_CBC_256_AES][i]=c[D_CBC_256_AES][i-1]*l0/l1;
}
#ifndef OPENSSL_NO_RSA
rsa_c[R_RSA_512][0]=count/2000;

86
crypto/openssl/apps/x509.c
View File

@ -1022,31 +1022,31 @@ int MAIN(int argc, char **argv)
OPENSSL_EXIT(ret);
}
static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile, int create)
{
char *buf = NULL, *p;
MS_STATIC char buf2[1024];
ASN1_INTEGER *bs = NULL, *bs2 = NULL;
BIO *io = NULL;
ASN1_INTEGER *bs = NULL;
BIGNUM *serial = NULL;
size_t len;
buf=OPENSSL_malloc( ((serialfile == NULL)
?(strlen(CAfile)+strlen(POSTFIX)+1)
:(strlen(serialfile)))+1);
len = ((serialfile == NULL)
?(strlen(CAfile)+strlen(POSTFIX)+1)
:(strlen(serialfile)))+1;
buf=OPENSSL_malloc(len);
if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
if (serialfile == NULL)
{
strcpy(buf,CAfile);
BUF_strlcpy(buf,CAfile,len);
for (p=buf; *p; p++)
if (*p == '.')
{
*p='\0';
break;
}
strcat(buf,POSTFIX);
BUF_strlcat(buf,POSTFIX,len);
}
else
strcpy(buf,serialfile);
BUF_strlcpy(buf,serialfile,len);
serial=BN_new();
bs=ASN1_INTEGER_new();
if ((serial == NULL) || (bs == NULL))
@ -1055,72 +1055,18 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
goto end;
}
io=BIO_new(BIO_s_file());
if (io == NULL)
{
ERR_print_errors(bio_err);
goto end;
}
if (BIO_read_filename(io,buf) <= 0)
{
if (!create)
{
perror(buf);
goto end;
}
else
{
ASN1_INTEGER_set(bs,1);
BN_one(serial);
}
}
else
{
if (!a2i_ASN1_INTEGER(io,bs,buf2,sizeof buf2))
{
BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
ERR_print_errors(bio_err);
goto end;
}
else
{
serial=BN_bin2bn(bs->data,bs->length,serial);
if (serial == NULL)
{
BIO_printf(bio_err,"error converting bin 2 bn");
goto end;
}
}
}
serial = load_serial(buf, create, NULL);
if (serial == NULL) goto end;
if (!BN_add_word(serial,1))
{ BIO_printf(bio_err,"add_word failure\n"); goto end; }
if (!(bs2 = BN_to_ASN1_INTEGER(serial, NULL)))
{ BIO_printf(bio_err,"error converting bn 2 asn1_integer\n"); goto end; }
if (BIO_write_filename(io,buf) <= 0)
{
BIO_printf(bio_err,"error attempting to write serial number file\n");
perror(buf);
goto end;
}
i2a_ASN1_INTEGER(io,bs2);
BIO_puts(io,"\n");
BIO_free(io);
if (!save_serial(buf, NULL, serial, &bs)) goto end;
end:
if (buf) OPENSSL_free(buf);
ASN1_INTEGER_free(bs2);
BN_free(serial);
io=NULL;
return bs;
end:
if (buf) OPENSSL_free(buf);
BIO_free(io);
ASN1_INTEGER_free(bs);
BN_free(serial);
return NULL;
}
static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
@ -1142,7 +1088,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
goto end;
}
if (sno) bs = sno;
else if (!(bs = load_serial(CAfile, serialfile, create)))
else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
goto end;
/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/

18
crypto/openssl/certs/expired/vsign3.pem Normal file
View File

@ -0,0 +1,18 @@
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
notBefore=Jan 29 00:00:00 1996 GMT
notAfter=Jan 7 23:59:59 2004 GMT
-----BEGIN CERTIFICATE-----
MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
pA==
-----END CERTIFICATE-----

27
crypto/openssl/certs/vsign3.pem
View File

@ -1,18 +1,17 @@
subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
notBefore=Jan 29 00:00:00 1996 GMT
notAfter=Jan 7 23:59:59 2004 GMT
notAfter=Aug 1 23:59:59 2028 GMT
-----BEGIN CERTIFICATE-----
MIICPTCCAaYCEQDknv3zOugOz6URPhmkJAIyMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJp
bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAyVxZnvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqo
RAWq7AMfeH+ek7maAKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4
rCNfcCk2pMmG57GaIMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATAN
BgkqhkiG9w0BAQIFAAOBgQBhcOwvP579K+ZoVCGwZ3kIDCCWMYoNer62Jt95LCJp
STbjl3diYaIy13pUITa6Ask05yXaRDWw0lyAXbOU+Pms7qRgdSoflUkjsUp89LNH
ciFbfperVKxi513srpvSybIk+4Kt6WcVS7qqpvCXoPawl1cAyAw8CaCCBLpB2veZ
pA==
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
-----END CERTIFICATE-----

13
crypto/openssl/config
View File

@ -134,7 +134,7 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
HPUXVER=`echo ${RELEASE}|sed -e 's/[^.]*.[0B]*//'`
case "$HPUXVER" in
1[0-9].*) # HPUX 10 and 11 targets are unified
echo "${MACHINE}-hp-hpux10"; exit 0
echo "${MACHINE}-hp-hpux1x"; exit 0
;;
*)
echo "${MACHINE}-hp-hpux"; exit 0
@ -410,9 +410,10 @@ if [ "$SYSTEM" = "HP-UX" ];then
GCC_BITS="32"
if [ $GCCVER -ge 30 ]; then
# PA64 support only came in with gcc 3.0.x.
# We look for the preprocessor symbol __LP64__ indicating
# 64bit bit long and pointer. sizeof(int) == 32 on HPUX64.
if gcc -v -E -x c /dev/null 2>&1 | grep __LP64__ > /dev/null; then
# We check if the preprocessor symbol __LP64__ is defined...
if echo "__LP64__" | gcc -v -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null; then
: # __LP64__ has slipped through, it therefore is not defined
else
GCC_BITS="64"
fi
fi
@ -685,7 +686,7 @@ EOF
if [ $CC = "gcc" ];
then
if [ $GCC_BITS = "64" ]; then
OUT="hpux64-parisc-gcc"
OUT="hpux64-parisc2-gcc"
else
OUT="hpux-parisc-gcc"
fi
@ -700,7 +701,7 @@ EOF
if [ $CPU_VERSION -ge 768 ]; then # IA-64 CPU
echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
echo " If you wish to build 32-bit library, the you have to"
echo " invoke './Configure hpux-ia32-cc' *manually*."
echo " invoke './Configure hpux-ia64-cc' *manually*."
if [ "$TEST" = "false" ]; then
echo " You have about 5 seconds to press Ctrl-C to abort."
(stty -icanon min 0 time 50; read waste) < /dev/tty

8
crypto/openssl/crypto/Makefile.ssl
View File

@ -50,7 +50,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER)
top:
@(cd ..; $(MAKE) DIRS=$(DIR) all)
all: buildinf.h lib subdirs shared
all: shared
buildinf.h: ../Makefile.ssl
( echo "#ifndef MK1MF_BUILD"; \
@ -81,11 +81,11 @@ files:
done;
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@for i in $(SDIRS); do \
(cd $$i && echo "making links in crypto/$$i..." && \
$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
@ -96,7 +96,7 @@ lib: $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
shared:
shared: buildinf.h lib subdirs
if [ -n "$(SHARED_LIBS)" ]; then \
(cd ..; $(MAKE) $(SHARED_LIB)); \
fi

2
crypto/openssl/crypto/aes/Makefile.ssl
View File

@ -52,7 +52,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/aes/aes_cbc.c
View File

@ -104,7 +104,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
memcpy(tmp, in, AES_BLOCK_SIZE);
AES_decrypt(tmp, tmp, key);
for(n=0; n < len; ++n)
out[n] ^= ivec[n];
out[n] = tmp[n] ^ ivec[n];
memcpy(ivec, tmp, AES_BLOCK_SIZE);
}
}

2
crypto/openssl/crypto/asn1/Makefile.ssl
View File

@ -77,7 +77,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

9
crypto/openssl/crypto/asn1/a_gentm.c
View File

@ -208,6 +208,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
char *p;
struct tm *ts;
struct tm data;
size_t len = 20;
if (s == NULL)
s=M_ASN1_GENERALIZEDTIME_new();
@ -219,17 +220,17 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
return(NULL);
p=(char *)s->data;
if ((p == NULL) || (s->length < 16))
if ((p == NULL) || ((size_t)s->length < len))
{
p=OPENSSL_malloc(20);
p=OPENSSL_malloc(len);
if (p == NULL) return(NULL);
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
}
sprintf(p,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
BIO_snprintf(p,len,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_GENERALIZEDTIME;
#ifdef CHARSET_EBCDIC_not

4
crypto/openssl/crypto/asn1/a_mbstr.c
View File

@ -145,14 +145,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
if((minsize > 0) && (nchar < minsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT);
sprintf(strbuf, "%ld", minsize);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
ERR_add_error_data(2, "minsize=", strbuf);
return -1;
}
if((maxsize > 0) && (nchar > maxsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG);
sprintf(strbuf, "%ld", maxsize);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
ERR_add_error_data(2, "maxsize=", strbuf);
return -1;
}

2
crypto/openssl/crypto/asn1/a_strex.c
View File

@ -285,7 +285,7 @@ const static signed char tag2nbyte[] = {
-1, -1, 0, -1, /* 10-13 */
-1, -1, -1, -1, /* 15-17 */
-1, 1, 1, /* 18-20 */
-1, 1, -1,-1, /* 21-24 */
-1, 1, 1, 1, /* 21-24 */
-1, 1, -1, /* 25-27 */
4, -1, 2 /* 28-30 */
};

9
crypto/openssl/crypto/asn1/a_time.c
View File

@ -128,6 +128,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
{
ASN1_GENERALIZEDTIME *ret;
char *str;
int newlen;
if (!ASN1_TIME_check(t)) return NULL;
@ -150,12 +151,14 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
/* grow the string */
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
return NULL;
/* ASN1_STRING_set() allocated 'len + 1' bytes. */
newlen = t->length + 2 + 1;
str = (char *)ret->data;
/* Work out the century and prepend */
if (t->data[0] >= '5') strcpy(str, "19");
else strcpy(str, "20");
if (t->data[0] >= '5') BUF_strlcpy(str, "19", newlen);
else BUF_strlcpy(str, "20", newlen);
BUF_strlcat(str, (char *)t->data, t->length+3); /* Include space for a '\0' */
BUF_strlcat(str, (char *)t->data, newlen);
return ret;
}

9
crypto/openssl/crypto/asn1/a_utctm.c
View File

@ -188,6 +188,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
char *p;
struct tm *ts;
struct tm data;
size_t len = 20;
if (s == NULL)
s=M_ASN1_UTCTIME_new();
@ -199,17 +200,17 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
return(NULL);
p=(char *)s->data;
if ((p == NULL) || (s->length < 14))
if ((p == NULL) || ((size_t)s->length < len))
{
p=OPENSSL_malloc(20);
p=OPENSSL_malloc(len);
if (p == NULL) return(NULL);
if (s->data != NULL)
OPENSSL_free(s->data);
s->data=(unsigned char *)p;
}
sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
BIO_snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_UTCTIME;
#ifdef CHARSET_EBCDIC_not

4
crypto/openssl/crypto/asn1/asn1_lib.c
View File

@ -414,8 +414,8 @@ void asn1_add_error(unsigned char *address, int offset)
{
char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
sprintf(buf1,"%lu",(unsigned long)address);
sprintf(buf2,"%d",offset);
BIO_snprintf(buf1,sizeof buf1,"%lu",(unsigned long)address);
BIO_snprintf(buf2,sizeof buf2,"%d",offset);
ERR_add_error_data(4,"address=",buf1," offset=",buf2);
}

6
crypto/openssl/crypto/asn1/asn1_par.c
View File

@ -83,11 +83,11 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
p=str;
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
sprintf(str,"priv [ %d ] ",tag);
BIO_snprintf(str,sizeof str,"priv [ %d ] ",tag);
else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
sprintf(str,"cont [ %d ]",tag);
BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
sprintf(str,"appl [ %d ]",tag);
BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
else p = ASN1_tag2str(tag);
if (p2 != NULL)

9
crypto/openssl/crypto/asn1/asn_moid.c
View File

@ -87,9 +87,14 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
}
}
return 1;
}
}
static void oid_module_finish(CONF_IMODULE *md)
{
OBJ_cleanup();
}
void ASN1_add_oid_module(void)
{
CONF_module_add("oid_section", oid_module_init, 0);
CONF_module_add("oid_section", oid_module_init, oid_module_finish);
}

4
crypto/openssl/crypto/asn1/t_pkey.c
View File

@ -139,9 +139,9 @@ int RSA_print(BIO *bp, const RSA *x, int off)
}
if (x->d == NULL)
sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n));
else
strcpy(str,"modulus:");
BUF_strlcpy(str,"modulus:",sizeof str);
if (!print(bp,str,x->n,m,off)) goto err;
s=(x->d == NULL)?"Exponent:":"publicExponent:";
if (!print(bp,s,x->e,m,off)) goto err;

10
crypto/openssl/crypto/asn1/x_long.c
View File

@ -104,7 +104,12 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
long ltmp;
unsigned long utmp;
int clen, pad, i;
ltmp = *(long *)pval;
/* this exists to bypass broken gcc optimization */
char *cp = (char *)pval;
/* use memcpy, because we may not be long aligned */
memcpy(&ltmp, cp, sizeof(long));
if(ltmp == it->size) return -1;
/* Convert the long to positive: we subtract one if negative so
* we can cleanly handle the padding if only the MSB of the leading
@ -136,6 +141,7 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
int neg, i;
long ltmp;
unsigned long utmp = 0;
char *cp = (char *)pval;
if(len > sizeof(long)) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
@ -158,6 +164,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
*(long *)pval = ltmp;
memcpy(cp, &ltmp, sizeof(long));
return 1;
}

3
crypto/openssl/crypto/bf/Makefile.ssl
View File

@ -22,6 +22,7 @@ BF_ENC= bf_enc.o
#DES_ENC= bx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=bftest.c
@ -67,7 +68,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/bio/Makefile.ssl
View File

@ -57,7 +57,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

32
crypto/openssl/crypto/bio/b_dump.c
View File

@ -104,38 +104,41 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
for(i=0;i<rows;i++)
{
buf[0]='\0'; /* start with empty string */
strcpy(buf,str);
sprintf(tmp,"%04x - ",i*dump_width);
strcat(buf,tmp);
BUF_strlcpy(buf,str,sizeof buf);
BIO_snprintf(tmp,sizeof tmp,"%04x - ",i*dump_width);
BUF_strlcat(buf,tmp,sizeof buf);
for(j=0;j<dump_width;j++)
{
if (((i*dump_width)+j)>=len)
{
strcat(buf," ");
BUF_strlcat(buf," ",sizeof buf);
}
else
{
ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
strcat(buf,tmp);
BIO_snprintf(tmp,sizeof tmp,"%02x%c",ch,
j==7?'-':' ');
BUF_strlcat(buf,tmp,sizeof buf);
}
}
strcat(buf," ");
BUF_strlcat(buf," ",sizeof buf);
for(j=0;j<dump_width;j++)
{
if (((i*dump_width)+j)>=len)
break;
ch=((unsigned char)*(s+i*dump_width+j)) & 0xff;
#ifndef CHARSET_EBCDIC
sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
BIO_snprintf(tmp,sizeof tmp,"%c",
((ch>=' ')&&(ch<='~'))?ch:'.');
#else
sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
? os_toebcdic[ch]
: '.');
BIO_snprintf(tmp,sizeof tmp,"%c",
((ch>=os_toascii[' '])&&(ch<=os_toascii['~']))
? os_toebcdic[ch]
: '.');
#endif
strcat(buf,tmp);
BUF_strlcat(buf,tmp,sizeof buf);
}
strcat(buf,"\n");
BUF_strlcat(buf,"\n",sizeof buf);
/* if this is the last call then update the ddt_dump thing so that
* we will move the selection point in the debug window
*/
@ -144,7 +147,8 @@ int BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
#ifdef TRUNCATE
if (trunc > 0)
{
sprintf(buf,"%s%04x - <SPACES/NULS>\n",str,len+trunc);
BIO_snprintf(buf,sizeof buf,"%s%04x - <SPACES/NULS>\n",str,
len+trunc);
ret+=BIO_write(bio,(char *)buf,strlen(buf));
}
#endif

12
crypto/openssl/crypto/bio/b_print.c
View File

@ -576,12 +576,12 @@ abs_val(LDOUBLE value)
}
static LDOUBLE
pow10(int exp)
pow10(int in_exp)
{
LDOUBLE result = 1;
while (exp) {
while (in_exp) {
result *= 10;
exp--;
in_exp--;
}
return result;
}
@ -652,8 +652,8 @@ fmtfp(
(caps ? "0123456789ABCDEF"
: "0123456789abcdef")[intpart % 10];
intpart = (intpart / 10);
} while (intpart && (iplace < sizeof iplace));
if (iplace == sizeof iplace)
} while (intpart && (iplace < sizeof iconvert));
if (iplace == sizeof iconvert)
iplace--;
iconvert[iplace] = 0;
@ -664,7 +664,7 @@ fmtfp(
: "0123456789abcdef")[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace < max);
if (fplace == sizeof fplace)
if (fplace == sizeof fconvert)
fplace--;
fconvert[fplace] = 0;

12
crypto/openssl/crypto/bio/b_sock.c
View File

@ -709,12 +709,12 @@ int BIO_accept(int sock, char **addr)
}
*addr=p;
}
sprintf(*addr,"%d.%d.%d.%d:%d",
(unsigned char)(l>>24L)&0xff,
(unsigned char)(l>>16L)&0xff,
(unsigned char)(l>> 8L)&0xff,
(unsigned char)(l )&0xff,
port);
BIO_snprintf(*addr,24,"%d.%d.%d.%d:%d",
(unsigned char)(l>>24L)&0xff,
(unsigned char)(l>>16L)&0xff,
(unsigned char)(l>> 8L)&0xff,
(unsigned char)(l )&0xff,
port);
end:
return(ret);
}

36
crypto/openssl/crypto/bio/bio_cb.c
View File

@ -70,55 +70,61 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
MS_STATIC char buf[256];
char *p;
long r=1;
size_t p_maxlen;
if (BIO_CB_RETURN & cmd)
r=ret;
sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
BIO_snprintf(buf,sizeof buf,"BIO[%08lX]:",(unsigned long)bio);
p= &(buf[14]);
p_maxlen = sizeof buf - 14;
switch (cmd)
{
case BIO_CB_FREE:
sprintf(p,"Free - %s\n",bio->method->name);
BIO_snprintf(p,p_maxlen,"Free - %s\n",bio->method->name);
break;
case BIO_CB_READ:
if (bio->method->type & BIO_TYPE_DESCRIPTOR)
sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s fd=%d\n",
bio->num,argi,bio->method->name,bio->num);
else
sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
BIO_snprintf(p,p_maxlen,"read(%d,%d) - %s\n",
bio->num,argi,bio->method->name);
break;
case BIO_CB_WRITE:
if (bio->method->type & BIO_TYPE_DESCRIPTOR)
sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s fd=%d\n",
bio->num,argi,bio->method->name,bio->num);
else
sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
BIO_snprintf(p,p_maxlen,"write(%d,%d) - %s\n",
bio->num,argi,bio->method->name);
break;
case BIO_CB_PUTS:
sprintf(p,"puts() - %s\n",bio->method->name);
BIO_snprintf(p,p_maxlen,"puts() - %s\n",bio->method->name);
break;
case BIO_CB_GETS:
sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
BIO_snprintf(p,p_maxlen,"gets(%d) - %s\n",argi,bio->method->name);
break;
case BIO_CB_CTRL:
sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
BIO_snprintf(p,p_maxlen,"ctrl(%d) - %s\n",argi,bio->method->name);
break;
case BIO_CB_RETURN|BIO_CB_READ:
sprintf(p,"read return %ld\n",ret);
BIO_snprintf(p,p_maxlen,"read return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_WRITE:
sprintf(p,"write return %ld\n",ret);
BIO_snprintf(p,p_maxlen,"write return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_GETS:
sprintf(p,"gets return %ld\n",ret);
BIO_snprintf(p,p_maxlen,"gets return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_PUTS:
sprintf(p,"puts return %ld\n",ret);
BIO_snprintf(p,p_maxlen,"puts return %ld\n",ret);
break;
case BIO_CB_RETURN|BIO_CB_CTRL:
sprintf(p,"ctrl return %ld\n",ret);
BIO_snprintf(p,p_maxlen,"ctrl return %ld\n",ret);
break;
default:
sprintf(p,"bio callback - unknown type (%d)\n",cmd);
BIO_snprintf(p,p_maxlen,"bio callback - unknown type (%d)\n",cmd);
break;
}

6
crypto/openssl/crypto/bio/bss_conn.c
View File

@ -521,8 +521,8 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
char buf[16];
unsigned char *p = ptr;
sprintf(buf,"%d.%d.%d.%d",
p[0],p[1],p[2],p[3]);
BIO_snprintf(buf,sizeof buf,"%d.%d.%d.%d",
p[0],p[1],p[2],p[3]);
if (data->param_hostname != NULL)
OPENSSL_free(data->param_hostname);
data->param_hostname=BUF_strdup(buf);
@ -532,7 +532,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
{
char buf[DECIMAL_SIZE(int)+1];
sprintf(buf,"%d",*(int *)ptr);
BIO_snprintf(buf,sizeof buf,"%d",*(int *)ptr);
if (data->param_port != NULL)
OPENSSL_free(data->param_port);
data->param_port=BUF_strdup(buf);

10
crypto/openssl/crypto/bio/bss_file.c
View File

@ -249,15 +249,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
if (num & BIO_FP_APPEND)
{
if (num & BIO_FP_READ)
strcpy(p,"a+");
else strcpy(p,"a");
BUF_strlcpy(p,"a+",sizeof p);
else BUF_strlcpy(p,"a",sizeof p);
}
else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
strcpy(p,"r+");
BUF_strlcpy(p,"r+",sizeof p);
else if (num & BIO_FP_WRITE)
strcpy(p,"w");
BUF_strlcpy(p,"w",sizeof p);
else if (num & BIO_FP_READ)
strcpy(p,"r");
BUF_strlcpy(p,"r",sizeof p);
else
{
BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);

5
crypto/openssl/crypto/bn/Makefile.ssl
View File

@ -120,11 +120,14 @@ asm/ia64-cpp.o: asm/ia64.S
asm/x86_64-gcc.o: asm/x86_64-gcc.c
asm/pa-risc2W.o: asm/pa-risc2W.s
/usr/ccs/bin/as -o asm/pa-rics2W.o asm/pa-risc2W.s
files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/bn/asm/bn-586.pl
View File

@ -11,7 +11,7 @@ require "x86asm.pl";
&bn_div_words("bn_div_words");
&bn_add_words("bn_add_words");
&bn_sub_words("bn_sub_words");
&bn_sub_part_words("bn_sub_part_words");
#&bn_sub_part_words("bn_sub_part_words");
&asm_finish();

2
crypto/openssl/crypto/bn/asm/x86_64-gcc.c
View File

@ -142,7 +142,7 @@ void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
{ BN_ULONG ret,waste;
asm ("divq %3"
asm ("divq %4"
: "=a"(ret),"=d"(waste)
: "a"(l),"d"(h),"g"(d)
: "cc");

17
crypto/openssl/crypto/bn/bn_lcl.h
View File

@ -433,19 +433,18 @@ void bn_sqr_comba4(BN_ULONG *r,const BN_ULONG *a);
int bn_cmp_words(const BN_ULONG *a,const BN_ULONG *b,int n);
int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
int cl, int dl);
#if 0
/* bn_mul.c rollback <appro> */
void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
int dna,int dnb,BN_ULONG *t);
void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,
int n,int tna,int tnb,BN_ULONG *t);
#endif
void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
#ifdef BN_RECURSION
void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
BN_ULONG *t);
void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn,
int n, BN_ULONG *t);
void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,
BN_ULONG *t);
void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2,
BN_ULONG *t);
void bn_sqr_recursive(BN_ULONG *r,const BN_ULONG *a, int n2, BN_ULONG *t);
#endif
void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n);
#ifdef __cplusplus
}

8
crypto/openssl/crypto/bn/bn_lib.c
View File

@ -145,11 +145,11 @@ char *BN_options(void)
{
init++;
#ifdef BN_LLONG
sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
(int)sizeof(BN_ULONG)*8);
BIO_snprintf(data,sizeof data,"bn(%d,%d)",
(int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8);
#else
sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
(int)sizeof(BN_ULONG)*8);
BIO_snprintf(data,sizeof data,"bn(%d,%d)",
(int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8);
#endif
}
return(data);

5
crypto/openssl/crypto/bn/bn_print.c
View File

@ -119,6 +119,7 @@ char *BN_bn2dec(const BIGNUM *a)
}
if ((t=BN_dup(a)) == NULL) goto err;
#define BUF_REMAIN (num+3 - (size_t)(p - buf))
p=buf;
lp=bn_data;
if (t->neg) *(p++)='-';
@ -139,12 +140,12 @@ char *BN_bn2dec(const BIGNUM *a)
/* We now have a series of blocks, BN_DEC_NUM chars
* in length, where the last one needs truncation.
* The blocks need to be reversed in order. */
sprintf(p,BN_DEC_FMT1,*lp);
BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT1,*lp);
while (*p) p++;
while (lp != bn_data)
{
lp--;
sprintf(p,BN_DEC_FMT2,*lp);
BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT2,*lp);
while (*p) p++;
}
}

2
crypto/openssl/crypto/buffer/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

3
crypto/openssl/crypto/cast/Makefile.ssl
View File

@ -25,6 +25,7 @@ CAST_ENC=c_enc.o
#CAST_ENC=asm/cx86bdsi.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=casttest.c
@ -70,7 +71,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/comp/Makefile.ssl
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/conf/Makefile.ssl
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

6
crypto/openssl/crypto/conf/conf_def.c
View File

@ -235,7 +235,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
goto err;
}
strcpy(section,"default");
BUF_strlcpy(section,"default",10);
if (_CONF_new_data(conf) == 0)
{
@ -392,7 +392,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
ERR_R_MALLOC_FAILURE);
goto err;
}
strcpy(v->name,pname);
BUF_strlcpy(v->name,pname,strlen(pname)+1);
if (!str_copy(conf,psection,&(v->value),start)) goto err;
if (strcmp(psection,section) != 0)
@ -447,7 +447,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
if (buff != NULL) BUF_MEM_free(buff);
if (section != NULL) OPENSSL_free(section);
if (line != NULL) *line=eline;
sprintf(btmp,"%ld",eline);
BIO_snprintf(btmp,sizeof btmp,"%ld",eline);
ERR_add_error_data(2,"line ",btmp);
if ((h != conf->data) && (conf->data != NULL))
{

12
crypto/openssl/crypto/conf/conf_mod.c
View File

@ -232,7 +232,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
{
char rcode[DECIMAL_SIZE(ret)+1];
CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR);
sprintf(rcode, "%-8d", ret);
BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
}
}
@ -561,11 +561,11 @@ char *CONF_get1_default_config_file(void)
if (!file)
return NULL;
strcpy(file,X509_get_default_cert_area());
BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
#ifndef OPENSSL_SYS_VMS
strcat(file,"/");
BUF_strlcat(file,"/",len + 1);
#endif
strcat(file,OPENSSL_CONF);
BUF_strlcat(file,OPENSSL_CONF,len + 1);
return file;
}
@ -576,12 +576,12 @@ char *CONF_get1_default_config_file(void)
* be used to parse comma separated lists for example.
*/
int CONF_parse_list(const char *list, int sep, int nospc,
int CONF_parse_list(const char *list_, int sep, int nospc,
int (*list_cb)(const char *elem, int len, void *usr), void *arg)
{
int ret;
const char *lstart, *tmpend, *p;
lstart = list;
lstart = list_;
for(;;)
{

8
crypto/openssl/crypto/cversion.c
View File

@ -61,7 +61,9 @@
#include "cryptlib.h"
#include <openssl/crypto.h>
#ifndef NO_WINDOWS_BRAINDEATH
#include "buildinf.h"
#endif
const char *SSLeay_version(int t)
{
@ -72,7 +74,7 @@ const char *SSLeay_version(int t)
#ifdef DATE
static char buf[sizeof(DATE)+11];
sprintf(buf,"built on: %s",DATE);
BIO_snprintf(buf,sizeof buf,"built on: %s",DATE);
return(buf);
#else
return("built on: date not available");
@ -83,7 +85,7 @@ const char *SSLeay_version(int t)
#ifdef CFLAGS
static char buf[sizeof(CFLAGS)+11];
sprintf(buf,"compiler: %s",CFLAGS);
BIO_snprintf(buf,sizeof buf,"compiler: %s",CFLAGS);
return(buf);
#else
return("compiler: information not available");
@ -94,7 +96,7 @@ const char *SSLeay_version(int t)
#ifdef PLATFORM
static char buf[sizeof(PLATFORM)+11];
sprintf(buf,"platform: %s", PLATFORM);
BIO_snprintf(buf,sizeof buf,"platform: %s", PLATFORM);
return(buf);
#else
return("platform: information not available");

30
crypto/openssl/crypto/des/Makefile.ssl
View File

@ -22,6 +22,7 @@ DES_ENC= des_enc.o fcrypt_b.o
#DES_ENC= dx86-elf.o yx86-elf.o
CFLAGS= $(INCLUDES) $(CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
GENERAL=Makefile
TEST=destest.c
@ -96,7 +97,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
@ -157,12 +158,13 @@ cfb64enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
cfb64enc.o: cfb64enc.c des_locl.h
cfb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
cfb_enc.o: ../../e_os.h ../../include/openssl/crypto.h
cfb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
cfb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
cfb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
cfb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
cfb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
cfb_enc.o: cfb_enc.c des_locl.h
des_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
des_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
des_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@ -191,13 +193,13 @@ ecb3_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
ecb3_enc.o: des_locl.h ecb3_enc.c
ecb_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
ecb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
ecb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
ecb_enc.o: spr.h
ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
ecb_enc.o: des_locl.h des_ver.h ecb_enc.c spr.h
ede_cbcm_enc.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
ede_cbcm_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
ede_cbcm_enc.o: ../../include/openssl/opensslconf.h

21
crypto/openssl/crypto/des/cfb_enc.c
View File

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#include "e_os.h"
#include "des_locl.h"
/* The input and output are loaded in multiples of 8 bits.
@ -64,17 +65,15 @@
* the second. The second 12 bits will come from the 3rd and half the 4th
* byte.
*/
/* WARNING WARNING: this uses in and out in 8-byte chunks regardless of
* length */
/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
* will not be compatible with any encryption prior to that date. Ben. */
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
long length, DES_key_schedule *schedule, DES_cblock *ivec,
int enc)
{
register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
register unsigned long l=length;
register int num=numbits;
register DES_LONG d0,d1,v0,v1;
register unsigned long l=length,n=(numbits+7)/8;
register int num=numbits,i;
DES_LONG ti[2];
unsigned char *iv;
unsigned char ovec[16];
@ -114,10 +113,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
/* now the remaining bits */
if(num%8 != 0)
for(n=0 ; n < 8 ; ++n)
for(i=0 ; i < 8 ; ++i)
{
ovec[n]<<=num%8;
ovec[n]|=ovec[n+1]>>(8-num%8);
ovec[i]<<=num%8;
ovec[i]|=ovec[i+1]>>(8-num%8);
}
iv=&ovec[0];
c2l(iv,v0);
@ -152,10 +151,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
/* now the remaining bits */
if(num%8 != 0)
for(n=0 ; n < 8 ; ++n)
for(i=0 ; i < 8 ; ++i)
{
ovec[n]<<=num%8;
ovec[n]|=ovec[n+1]>>(8-num%8);
ovec[i]<<=num%8;
ovec[i]|=ovec[i+1]>>(8-num%8);
}
iv=&ovec[0];
c2l(iv,v0);

4
crypto/openssl/crypto/des/ecb_enc.c
View File

@ -60,6 +60,7 @@
#include "des_ver.h"
#include "spr.h"
#include <openssl/opensslv.h>
#include <openssl/bio.h>
OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
@ -97,7 +98,8 @@ const char *DES_options(void)
size="int";
else
size="long";
sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
size);
init=0;
}
return(buf);

2
crypto/openssl/crypto/dh/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/dsa/Makefile.ssl
View File

@ -49,7 +49,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/dso/Makefile.ssl
View File

@ -49,7 +49,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

4
crypto/openssl/crypto/dso/dso_lib.c
View File

@ -383,7 +383,7 @@ int DSO_set_filename(DSO *dso, const char *filename)
DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE);
return(0);
}
strcpy(copied, filename);
BUF_strlcpy(copied, filename, strlen(filename) + 1);
if(dso->filename)
OPENSSL_free(dso->filename);
dso->filename = copied;
@ -422,7 +422,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename)
ERR_R_MALLOC_FAILURE);
return(NULL);
}
strcpy(result, filename);
BUF_strlcpy(result, filename, strlen(filename) + 1);
}
return(result);
}

2
crypto/openssl/crypto/ec/Makefile.ssl
View File

@ -50,7 +50,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/ec/ecp_smpl.c
View File

@ -896,7 +896,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
}
form = buf[0];
y_bit = form & 1;
form = form & ~1;
form = form & ~1U;
if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
&& (form != POINT_CONVERSION_UNCOMPRESSED)
&& (form != POINT_CONVERSION_HYBRID))

2
crypto/openssl/crypto/engine/Makefile.ssl
View File

@ -57,7 +57,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

10
crypto/openssl/crypto/engine/eng_ctrl.c
View File

@ -160,15 +160,19 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
return strlen(e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_NAME_FROM_CMD:
return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
"%s", e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return strlen(e->cmd_defns[idx].cmd_desc);
return strlen(int_no_description);
case ENGINE_CTRL_GET_DESC_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
return sprintf(s, "%s", int_no_description);
return BIO_snprintf(s,
strlen(e->cmd_defns[idx].cmd_desc) + 1,
"%s", e->cmd_defns[idx].cmd_desc);
return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
int_no_description);
case ENGINE_CTRL_GET_CMD_FLAGS:
return e->cmd_defns[idx].cmd_flags;
}

6
crypto/openssl/crypto/engine/eng_fat.c
View File

@ -107,14 +107,14 @@ static int int_def_cb(const char *alg, int len, void *arg)
}
int ENGINE_set_default_string(ENGINE *e, const char *list)
int ENGINE_set_default_string(ENGINE *e, const char *def_list)
{
unsigned int flags = 0;
if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags))
if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags))
{
ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
ENGINE_R_INVALID_STRING);
ERR_add_error_data(2, "str=",list);
ERR_add_error_data(2, "str=",def_list);
return 0;
}
return ENGINE_set_default(e, flags);

27
crypto/openssl/crypto/engine/engine.h
View File

@ -513,7 +513,7 @@ ENGINE *ENGINE_get_digest_engine(int nid);
* structure will have had its reference count up'd so the caller
* should still free their own reference 'e'. */
int ENGINE_set_default_RSA(ENGINE *e);
int ENGINE_set_default_string(ENGINE *e, const char *list);
int ENGINE_set_default_string(ENGINE *e, const char *def_list);
/* Same for the other "methods" */
int ENGINE_set_default_DSA(ENGINE *e);
int ENGINE_set_default_DH(ENGINE *e);
@ -616,17 +616,20 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
const dynamic_fns *fns);
#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
return 0; \
CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
return 0; \
if(!ERR_set_implementation(fns->err_fns)) return 0; \
if (ERR_get_implementation() != fns->err_fns) \
{ \
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
return 0; \
CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
return 0; \
if(!ERR_set_implementation(fns->err_fns)) return 0; \
} \
if(!fn(e,id)) return 0; \
return 1; }

9
crypto/openssl/crypto/engine/hw_cryptodev.c
View File

@ -12,9 +12,6 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the author nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
@ -874,7 +871,6 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
goto err;
}
printf("bar\n");
memset(&kop, 0, sizeof kop);
kop.crk_op = CRK_DSA_SIGN;
@ -1054,14 +1050,17 @@ ENGINE_load_cryptodev(void)
if (engine == NULL)
return;
if ((fd = get_dev_crypto()) < 0)
if ((fd = get_dev_crypto()) < 0) {
ENGINE_free(engine);
return;
}
/*
* find out what asymmetric crypto algorithms we support
*/
if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
close(fd);
ENGINE_free(engine);
return;
}
close(fd);

2
crypto/openssl/crypto/err/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/err/err.c
View File

@ -1065,7 +1065,7 @@ void ERR_add_error_data(int num, ...)
else
str=p;
}
strcat(str,a);
BUF_strlcat(str,a,s+1);
}
}
ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);

2
crypto/openssl/crypto/evp/Makefile.ssl
View File

@ -67,7 +67,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
cp $(TESTDATA) ../../test

2
crypto/openssl/crypto/evp/bio_ok.c
View File

@ -102,7 +102,7 @@
*) digest is initialized with random seed instead of
standardized one.
*) same seed is written to ouput
*) same seed is written to output
*) well-known text is then hashed and the output
of the digest is also written to output.

15
crypto/openssl/crypto/evp/digest.c
View File

@ -248,6 +248,7 @@ int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
{
unsigned char *tmp_buf;
if ((in == NULL) || (in->digest == NULL))
{
EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
@ -262,15 +263,22 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
}
#endif
if (out->digest == in->digest)
{
tmp_buf = out->md_data;
EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE);
}
else tmp_buf = NULL;
EVP_MD_CTX_cleanup(out);
memcpy(out,in,sizeof *out);
if (out->digest->ctx_size)
{
out->md_data=OPENSSL_malloc(out->digest->ctx_size);
if (tmp_buf) out->md_data = tmp_buf;
else out->md_data=OPENSSL_malloc(out->digest->ctx_size);
memcpy(out->md_data,in->md_data,out->digest->ctx_size);
}
if (out->digest->copy)
return out->digest->copy(out,in);
@ -308,7 +316,8 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
if (ctx->digest && ctx->digest->cleanup
&& !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED))
ctx->digest->cleanup(ctx);
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data)
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
&& !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
{
OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);

2
crypto/openssl/crypto/evp/evp.h
View File

@ -329,6 +329,8 @@ struct env_md_ctx_st
* once only */
#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
* cleaned */
#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
* in EVP_MD_CTX_cleanup */
struct evp_cipher_st
{

14
crypto/openssl/crypto/evp/evp_enc.c
View File

@ -148,7 +148,19 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
#endif
ctx->cipher=cipher;
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
if (ctx->cipher->ctx_size)
{
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
if (!ctx->cipher_data)
{
EVPerr(EVP_F_EVP_CIPHERINIT, ERR_R_MALLOC_FAILURE);
return 0;
}
}
else
{
ctx->cipher_data = NULL;
}
ctx->key_len = cipher->key_len;
ctx->flags = 0;
if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)

2
crypto/openssl/crypto/evp/evp_pbe.c
View File

@ -87,7 +87,7 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
if (i == -1) {
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj) strcpy (obj_tmp, "NULL");
if (!pbe_obj) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
else i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0;

2
crypto/openssl/crypto/evp/evp_pkey.c
View File

@ -210,7 +210,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
#endif
default:
EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
if (!a->algorithm) strcpy (obj_tmp, "NULL");
if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);
else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);
ERR_add_error_data(2, "TYPE=", obj_tmp);
EVP_PKEY_free (pkey);

2
crypto/openssl/crypto/hmac/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/idea/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/krb5/Makefile.ssl
View File

@ -48,7 +48,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile ;
@sh $(TOP)/util/point.sh Makefile.ssl Makefile ;
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/lhash/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/md2/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/md4/Makefile.ssl
View File

@ -48,7 +48,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/md5/Makefile.ssl
View File

@ -84,7 +84,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

2
crypto/openssl/crypto/mdc2/Makefile.ssl
View File

@ -47,7 +47,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

18
crypto/openssl/crypto/mem.c
View File

@ -252,7 +252,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
void *ret = NULL;
extern unsigned char cleanse_ctr;
if (num < 0) return NULL;
if (num <= 0) return NULL;
allow_customize = 0;
if (malloc_debug_func != NULL)
@ -293,7 +293,7 @@ void *CRYPTO_malloc(int num, const char *file, int line)
void *ret = NULL;
extern unsigned char cleanse_ctr;
if (num < 0) return NULL;
if (num <= 0) return NULL;
allow_customize = 0;
if (malloc_debug_func != NULL)
@ -324,7 +324,7 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
if (str == NULL)
return CRYPTO_malloc(num, file, line);
if (num < 0) return NULL;
if (num <= 0) return NULL;
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
@ -346,17 +346,21 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
if (str == NULL)
return CRYPTO_malloc(num, file, line);
if (num < 0) return NULL;
if (num <= 0) return NULL;
if (realloc_debug_func != NULL)
realloc_debug_func(str, NULL, num, file, line, 0);
ret=malloc_ex_func(num,file,line);
if(ret)
{
memcpy(ret,str,old_len);
OPENSSL_cleanse(str,old_len);
free_func(str);
OPENSSL_cleanse(str,old_len);
free_func(str);
}
#ifdef LEVITTE_DEBUG_MEM
fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num);
fprintf(stderr,
"LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n",
str, ret, num);
#endif
if (realloc_debug_func != NULL)
realloc_debug_func(str, ret, num, file, line, 1);

17
crypto/openssl/crypto/mem_dbg.c
View File

@ -597,6 +597,8 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
struct tm *lcl = NULL;
unsigned long ti;
#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
if(m->addr == (char *)l->bio)
return;
@ -604,22 +606,22 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
{
lcl = localtime(&m->time);
sprintf(bufp, "[%02d:%02d:%02d] ",
BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
bufp += strlen(bufp);
}
sprintf(bufp, "%5lu file=%s, line=%d, ",
BIO_snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ",
m->order,m->file,m->line);
bufp += strlen(bufp);
if (options & V_CRYPTO_MDEBUG_THREAD)
{
sprintf(bufp, "thread=%lu, ", m->thread);
BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread);
bufp += strlen(bufp);
}
sprintf(bufp, "number=%d, address=%08lX\n",
BIO_snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n",
m->num,(unsigned long)m->addr);
bufp += strlen(bufp);
@ -641,7 +643,7 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
ami_cnt++;
memset(buf,'>',ami_cnt);
sprintf(buf + ami_cnt,
BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
" thread=%lu, file=%s, line=%d, info=\"",
amip->thread, amip->file, amip->line);
buf_len=strlen(buf);
@ -653,10 +655,11 @@ static void print_leak(const MEM *m, MEM_LEAK *l)
}
else
{
strcpy(buf + buf_len, amip->info);
BUF_strlcpy(buf + buf_len, amip->info,
sizeof buf - buf_len);
buf_len = strlen(buf);
}
sprintf(buf + buf_len, "\"\n");
BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
BIO_puts(l->bio,buf);

2
crypto/openssl/crypto/objects/Makefile.ssl
View File

@ -55,7 +55,7 @@ files:
$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
links:
@$(TOP)/util/point.sh Makefile.ssl Makefile
@sh $(TOP)/util/point.sh Makefile.ssl Makefile
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

Some files were not shown because too many files have changed in this diff Show More